package com.ericsson.web.core;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

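/**
 * Servlet filter that lets a request through only when the HTTP session
 * carries a non-negative Integer under {@code Constants.USERID}.
 *
 * <p>Every other request is answered with a redirect and never reaches the
 * filter chain: the first unauthenticated request of a session is sent to the
 * HTTPS entry point, later ones to {@code Constants.LOGIN_AUTH}.
 *
 * <p>NOTE(review): the filter only reads the user id from the session. Whether
 * the login handler issues a fresh session id after a successful login is not
 * visible here -- confirm, since this filter creates the session before
 * authentication.
 */
public class AuthenticationFilter implements Filter {

	/** No resources are held by this filter, so there is nothing to release. */
	@Override
	public void destroy() {
	}

	/**
	 * Forwards authenticated requests and redirects all others.
	 *
	 * <p>The decision fails closed: a missing, negative or non-Integer user id
	 * is treated as "not logged in", and every unauthenticated path ends in a
	 * redirect. Previously a redirect counter other than null, 0 or 1 returned
	 * without writing any response, and a non-Integer attribute raised
	 * ClassCastException.
	 *
	 * @param request     incoming request; must be an HttpServletRequest
	 * @param response    outgoing response; must be an HttpServletResponse
	 * @param filterChain remainder of the chain, invoked only for authenticated sessions
	 * @throws IOException      if sending the redirect fails or the chain throws it
	 * @throws ServletException if the chain throws it
	 */
	@Override
	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain filterChain) throws IOException, ServletException {
		HttpServletRequest httpRequest = (HttpServletRequest)request;
		HttpServletResponse httpResponse = (HttpServletResponse)response;
		// getSession() creates a session when none exists; the redirect
		// counter below is stored in it, so one is needed on this path.
		HttpSession session = httpRequest.getSession();

		if(isAuthenticated(session.getAttribute(Constants.USERID))) {
			filterChain.doFilter(request, response);
			return;
		}

		Object redirectCount = session.getAttribute(Constants.REDIRECT);
		boolean firstUnauthenticatedRequest = redirectCount == null
				|| (redirectCount instanceof Integer && (Integer)redirectCount == 0);
		if(firstUnauthenticatedRequest) {
			// NOTE(review): absolute URL with host and port hard-coded; it is
			// only reachable where the application runs on the client's own
			// machine. Consider moving it to configuration.
			httpResponse.sendRedirect("https://localhost:8443/xss-demo");
			session.setAttribute(Constants.REDIRECT, 1);
			System.out.println("Redirect to https");
		} else {
			// Any other counter value goes to the login page, so an
			// unauthenticated request never ends with an empty response.
			// NOTE(review): if this filter is also mapped to the login URL the
			// browser would be redirected to it repeatedly -- confirm the
			// filter mapping excludes it.
			httpResponse.sendRedirect(Constants.LOGIN_AUTH);
		}
	}

	/**
	 * Tells whether a session attribute value denotes a logged-in user.
	 *
	 * @param userId value stored under {@code Constants.USERID}, may be null
	 * @return true only for an Integer that is zero or greater
	 */
	private static boolean isAuthenticated(Object userId) {
		return userId instanceof Integer && (Integer)userId >= 0;
	}

	/** This filter reads no init parameters, so the configuration is unused. */
	@Override
	public void init(FilterConfig arg0) throws ServletException {
		
	}

}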
